Certificate

$ rpki-client -vvf rpki.afrinic.net/repository/afrinic/oe2rGs1DDP5KUfMdsYUNlaiEsUQ.cer
File:                     oe2rGs1DDP5KUfMdsYUNlaiEsUQ.cer (raw, json)
Hash identifier:          zTw5/yhsDwAQy+BUqacdfkxkY3GS7idvWAADc4N44Lk=
Subject key identifier:   A1:ED:AB:1A:CD:43:0C:FE:4A:51:F3:1D:B1:85:0D:95:A8:84:B1:44
Authority key identifier: 2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80
Certificate issuer:       /CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
Certificate serial:       2FCD
Authority info access:    rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
Manifest:                 rsync://rpki.afrinic.net/repository/member_repository/F366C302/763D829EFEE611EE904BCF6B017001B1/oe2rGs1DDP5KUfMdsYUNlaiEsUQ.mft
caRepository:             rsync://rpki.afrinic.net/repository/member_repository/F366C302/763D829EFEE611EE904BCF6B017001B1/
Notify URL:               https://rrdp.afrinic.net/notification.xml
Certificate not before:   Wed 01 Jan 2025 02:47:05 +0000
Certificate not after:    Tue 31 Mar 2026 00:00:00 +0000
Subordinate resources:    AS: 37628
                          IP: 154.65.12.0/22
                          IP: 2c0f:f4f0::/32
Validation:               Failed, CRL has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 12237 (0x2fcd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AFRINIC
        Validity
            Not Before: Jan  1 02:47:05 2025 GMT
            Not After : Mar 31 00:00:00 2026 GMT
        Subject: CN=F366C302AF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:94:5b:79:0f:ad:89:f5:11:a2:40:34:2a:fa:
                    cc:e1:97:18:0f:88:d8:35:88:40:5f:5e:bb:dd:05:
                    74:ac:8c:6c:b9:22:2c:d3:3f:d3:9d:e7:8c:9e:22:
                    d6:e6:78:48:36:0f:d6:65:dd:a8:87:b7:13:c9:40:
                    5a:29:40:b3:95:e1:01:fa:86:55:de:c2:62:db:c0:
                    ee:1a:c1:cc:06:1e:72:4d:0e:90:5a:f1:a3:53:0b:
                    eb:47:db:d1:c2:3a:24:b2:0b:ae:1e:89:83:fa:41:
                    d2:a5:38:d9:9e:c2:49:0c:2b:2e:1f:2a:ce:b2:ed:
                    31:7b:83:84:17:d7:c3:29:b2:af:28:f9:05:05:27:
                    69:f8:5c:99:2c:f2:56:0b:2a:f4:d2:fe:7e:77:ba:
                    d8:68:be:71:8b:71:ff:c8:47:fa:db:51:bd:17:ad:
                    35:dd:d7:a9:31:c5:82:46:a4:8b:d8:c9:64:66:f4:
                    35:e2:d6:6b:d5:1d:c1:66:63:60:24:db:96:87:54:
                    92:91:40:16:46:2c:e1:f9:d6:7e:ee:01:d0:54:c2:
                    aa:c9:e1:75:a4:b6:e0:89:47:8d:67:e8:bb:c6:1f:
                    3e:4a:cc:95:8f:c3:39:a9:8f:22:a3:f9:3e:14:91:
                    cd:5a:e4:09:ca:ec:fb:b0:fc:54:54:4e:63:87:3c:
                    c7:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:ED:AB:1A:CD:43:0C:FE:4A:51:F3:1D:B1:85:0D:95:A8:84:B1:44
            X509v3 Authority Key Identifier:
                keyid:2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.afrinic.net/repository/member_repository/F366C302/763D829EFEE611EE904BCF6B017001B1/
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
                RPKI Manifest - URI:rsync://rpki.afrinic.net/repository/member_repository/F366C302/763D829EFEE611EE904BCF6B017001B1/oe2rGs1DDP5KUfMdsYUNlaiEsUQ.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  37628

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.65.12.0/22
                IPv6:
                  2c0f:f4f0::/32

    Signature Algorithm: sha256WithRSAEncryption
         a3:5e:e2:de:69:9f:b1:f7:61:44:ba:53:16:c0:35:07:6c:cb:
         73:71:17:fd:80:19:c9:92:29:49:50:5d:02:69:ce:f4:89:44:
         d8:54:57:80:58:41:fd:e2:d0:89:41:a8:13:bc:0f:06:f4:dc:
         fd:a7:5d:fc:70:24:7c:bc:c8:f3:a5:3f:26:e6:6d:09:42:c4:
         95:81:56:57:58:fc:18:6b:d0:cd:72:1a:f9:6a:65:8c:33:21:
         56:5f:c5:33:40:b2:27:74:6f:04:93:1b:38:31:ce:ba:4a:e1:
         69:05:18:7f:d6:25:65:3f:83:df:7d:a8:a6:54:5c:fa:ac:49:
         f1:96:76:37:2f:9d:1d:6a:89:d8:74:4a:1f:2c:f9:56:89:8e:
         25:6b:d5:fe:2a:83:3c:54:9b:0a:26:6d:01:ee:48:e3:cd:46:
         ca:c4:6f:48:0e:6f:9d:0c:29:27:7d:92:52:bd:f6:fd:82:6c:
         78:d4:da:4b:75:88:e0:21:d0:03:40:55:09:fe:4f:af:59:70:
         13:2c:e7:af:2e:ee:4c:ff:6e:f4:9a:9a:2d:41:cb:1f:3c:b3:
         2b:34:9b:00:5b:cd:b4:c2:d0:65:35:89:f6:f7:d4:e9:9a:92:
         d7:6a:0d:df:1b:cf:93:a7:6b:bb:ec:fd:e3:18:71:7a:6e:e2:
         c2:d4:8f:0f
-----BEGIN CERTIFICATE-----
MIIGJTCCBQ2gAwIBAgICL80wDQYJKoZIhvcNAQELBQAwRTEQMA4GA1UEAxMHQUZS
SU5JQzExMC8GA1UEBRMoMkI1Nzg5N0E3Q0E5NjRDM0M4QjdGN0JEREFBN0E0REEz
NEE5OEY4MDAeFw0yNTAxMDEwMjQ3MDVaFw0yNjAzMzEwMDAwMDBaMEgxEzARBgNV
BAMTCkYzNjZDMzAyQUYxMTAvBgNVBAUTKEExRURBQjFBQ0Q0MzBDRkU0QTUxRjMx
REIxODUwRDk1QTg4NEIxNDQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQColFt5D62J9RGiQDQq+szhlxgPiNg1iEBfXrvdBXSsjGy5IizTP9Od54yeItbm
eEg2D9Zl3aiHtxPJQFopQLOV4QH6hlXewmLbwO4awcwGHnJNDpBa8aNTC+tH29HC
OiSyC64eiYP6QdKlONmewkkMKy4fKs6y7TF7g4QX18Mpsq8o+QUFJ2n4XJks8lYL
KvTS/n53uthovnGLcf/IR/rbUb0XrTXd16kxxYJGpIvYyWRm9DXi1mvVHcFmY2Ak
25aHVJKRQBZGLOH51n7uAdBUwqrJ4XWktuCJR41n6LvGHz5KzJWPwzmpjyKj+T4U
kc1a5AnK7Puw/FRUTmOHPMc7AgMBAAGjggMaMIIDFjAdBgNVHQ4EFgQUoe2rGs1D
DP5KUfMdsYUNlaiEsUQwHwYDVR0jBBgwFoAUK1eJenypZMPIt/e92qek2jSpj4Aw
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wXAYDVR0fBFUwUzBRoE+g
TYZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZyaW5pYy9L
MWVKZW55cFpNUEl0X2U5MnFlazJqU3BqNEEuY3JsMG8GCCsGAQUFBwEBBGMwYTBf
BggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkv
MDRFOEIwRDgwRjREMTFFMEI2NTdEODkzMTM2N0FFN0QvYWZyaW5pYy1jYS5jZXIw
TwYDVR0gAQH/BEUwQzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczov
L3Jwa2kuYWZyaW5pYy5uZXQvcG9saWN5L0NQUy5wZGYwggFFBggrBgEFBQcBCwSC
ATcwggEzMGwGCCsGAQUFBzAFhmByc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVw
b3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9yeS9GMzY2QzMwMi83NjNEODI5RUZFRTYx
MUVFOTA0QkNGNkIwMTcwMDFCMS8wNQYIKwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5h
ZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGLBggrBgEFBQcwCoZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NkMzMDIvNzYzRDgyOUVGRUU2MTFFRTkwNEJDRjZCMDE3MDAxQjEvb2Uyckdz
MUREUDVLVWZNZHNZVU5sYWlFc1VRLm1mdDAaBggrBgEFBQcBCAEB/wQLMAmgBzAF
AgMAkvwwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAKaQQwwDQQCAAIwBwMF
ACwP9PAwDQYJKoZIhvcNAQELBQADggEBAKNe4t5pn7H3YUS6UxbANQdsy3NxF/2A
GcmSKUlQXQJpzvSJRNhUV4BYQf3i0IlBqBO8Dwb03P2nXfxwJHy8yPOlPybmbQlC
xJWBVldY/Bhr0M1yGvlqZYwzIVZfxTNAsid0bwSTGzgxzrpK4WkFGH/WJWU/g999
qKZUXPqsSfGWdjcvnR1qidh0Sh8s+VaJjiVr1f4qgzxUmwombQHuSOPNRsrEb0gO
b50MKSd9klK99v2CbHjU2kt1iOAh0ANAVQn+T69ZcBMs568u7kz/bvSami1Byx88
sys0mwBbzbTC0GU1ifb31OmaktdqDd8bz5Ona7vs/eMYcXpu4sLUjw8=
-----END CERTIFICATE-----